{"id":20613349,"url":"https://github.com/nodertc/dtls","last_synced_at":"2025-04-15T07:12:13.771Z","repository":{"id":31726431,"uuid":"124543013","full_name":"nodertc/dtls","owner":"nodertc","description":"Datagram Transport Layer Security (DTLS) client.","archived":false,"fork":false,"pushed_at":"2022-01-11T23:25:06.000Z","size":2343,"stargazers_count":83,"open_issues_count":10,"forks_count":11,"subscribers_count":9,"default_branch":"master","last_synced_at":"2025-04-15T07:12:08.776Z","etag":null,"topics":["aead","aes","aes-gcm","crypto","dtls","ecdhe","ecdsa","js","mtu","node","nodejs","psk","rsa","safety","security","sha256","sha384","tls","udp","webrtc"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nodertc.png","metadata":{"files":{"readme":"readme.md","changelog":"CHANGELOG.md","contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null},"funding":{"custom":["https://www.buymeacoffee.com/reklatsmasters"]}},"created_at":"2018-03-09T13:18:28.000Z","updated_at":"2025-03-15T15:07:08.000Z","dependencies_parsed_at":"2022-08-07T16:30:54.541Z","dependency_job_id":null,"html_url":"https://github.com/nodertc/dtls","commit_stats":null,"previous_names":[],"tags_count":8,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nodertc%2Fdtls","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nodertc%2Fdtls/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nodertc%2Fdtls/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nodertc%2Fdtls/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nodertc","download_url":"https://codeload.github.com/nodertc/dtls/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249023730,"owners_count":21199960,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aead","aes","aes-gcm","crypto","dtls","ecdhe","ecdsa","js","mtu","node","nodejs","psk","rsa","safety","security","sha256","sha384","tls","udp","webrtc"],"created_at":"2024-11-16T11:09:46.217Z","updated_at":"2025-04-15T07:12:13.738Z","avatar_url":"https://github.com/nodertc.png","language":"JavaScript","funding_links":["https://www.buymeacoffee.com/reklatsmasters"],"categories":[],"sub_categories":[],"readme":"# @nodertc/dtls\n\n[![stability-experimental](https://img.shields.io/badge/stability-experimental-orange.svg)](https://github.com/emersion/stability-badges#experimental)\n[![Build Status](https://travis-ci.org/nodertc/dtls.svg?branch=master)](https://travis-ci.org/nodertc/dtls)\n[![npm](https://img.shields.io/npm/v/@nodertc/dtls.svg)](https://www.npmjs.com/package/@nodertc/dtls)\n[![node](https://img.shields.io/node/v/@nodertc/dtls.svg)](https://www.npmjs.com/package/@nodertc/dtls)\n[![license](https://img.shields.io/npm/l/@nodertc/dtls.svg)](https://www.npmjs.com/package/@nodertc/dtls)\n[![downloads](https://img.shields.io/npm/dm/@nodertc/dtls.svg)](https://www.npmjs.com/package/@nodertc/dtls)\n[![Gitter chat](https://badges.gitter.im/nodertc.png)](https://gitter.im/nodertc/community)\n\nSecure UDP communications using Datagram Transport Layer Security protocol version 1.2 in **pure js**. Follow [RFC6347](https://tools.ietf.org/html/rfc6347), [RFC7627](https://tools.ietf.org/html/rfc7627).\n\n[![asciicast](fixtures/terminalizer/render1533622791504.gif)](https://asciinema.org/a/195096)\n\n### Support\n\n[![Buy Me A Coffee](https://www.buymeacoffee.com/assets/img/custom_images/purple_img.png)](https://www.buymeacoffee.com/reklatsmasters)\n\n### Features\n\n* **no native dependecies!**\n* modern secure ciphers (by default)\n* in-out fragmentation / in-out retransmission\n* merge outgoing handshakes\n\n### Usage\n\n```\nnpm i @nodertc/dtls\n```\n\n```js\nconst dtls = require('@nodertc/dtls');\n\nconst socket = dtls.connect({\n  type: 'udp4',\n  remotePort: 4444,\n  remoteAddress: '127.0.0.1',\n});\n\nsocket.on('error', err =\u003e {\n  console.error(err);\n});\n\nsocket.on('data', data =\u003e {\n  console.log('got message \"%s\"', data.toString('ascii'));\n  socket.close();\n});\n\nsocket.once('connect', () =\u003e {\n  socket.write('Hello from Node.js!');\n});\n```\n\n### Suppored ciphers:\n\n* TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (_nodejs v11.2+ only_)\n* TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (_nodejs v11.2+ only_)\n* TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256\n* TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384\n* TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256\n* TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384\n* TLS_RSA_WITH_AES_128_GCM_SHA256\n* TLS_RSA_WITH_AES_256_GCM_SHA384\n* TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 (_nodejs v11.2+ only_)\n* TLS_PSK_WITH_AES_128_GCM_SHA256\n* TLS_PSK_WITH_AES_256_GCM_SHA384\n* TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256\n* TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384\n* TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256\n\n### API\n\n* `dtls.connect(options: Options [, callback: function]) : Socket`\n\nCreates an esteblished connection to remote dtls server. A `connect()` function also accept all options for [`unicast.createSocket()`](https://www.npmjs.com/package/unicast) or [`dgram.createSocket()`](https://nodejs.org/dist/latest-v8.x/docs/api/dgram.html#dgram_dgram_createsocket_options_callback). If `options.socket` is provided, these options will be ignored.\n\nThe `callback` function, if specified, will be added as a listener for the 'connect' event.\n\n* `options.socket`\n\nA [duplex stream](https://nodejs.org/api/stream.html#stream_class_stream_duplex) in a common case. It is also [unicast](https://www.npmjs.com/package/unicast) or [dgram](https://nodejs.org/dist/latest-v8.x/docs/api/dgram.html) socket instance. Used if you want a low level control of your connection.\n\n* `options.extendedMasterSecret: bool, [default=true]`\n\nThis option enable the use [Extended Master Secret](https://tools.ietf.org/html/rfc7627) extension. Enabled by default.\n\n* `options.checkServerIdentity: function(certificate): bool`\n\nOptional certificate verify function.\n\n* `options.certificate: Buffer`\n\nPEM-encoded client certificate, optional. Supports RSASSA-PKCS1-v1_5 and ECDSA certificates.\n\n* `options.certificatePrivateKey: Buffer`\n\nPEM-encoded private key for client certificate.\n\n* `options.maxHandshakeRetransmissions: number`\n\nThe number of retransmissions during on handshake stage.\n\n* `options.alpn: string | string[]`\n\nThe list of the supported ALPN protocols.\n* `options.pskIdentity: String|Buffer`\n\nIdentity string for PSK key exchange, see [RFC4279](https://tools.ietf.org/html/rfc4279).\n\n* `options.pskSecret: String|Buffer`\n\nSecret data for the identity string of PSK key exchange.\n\n* `options.ignorePSKIdentityHint: boolean, default=true`\n\nBoth clients and servers may have pre-shared keys with several different parties.  The client indicates which key to use by including a \"PSK identity\" (_see `options.pskIdentity` above_) in the ClientKeyExchange message. To help the client in selecting which identity to use, the server can provide a \"PSK identity hint\" in the ServerKeyExchange message.\n\n* `options.cipherSuites: number[]|string[]`\n\nList of supported by client cipher suites. Default cipher suites:\n  - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (_in nodejs v11+ only_)\n  - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (_in nodejs v11+ only_)\n  - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256\n  - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384\n  - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256\n  - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384\n\nSee above a full list of supported cipher suites.\n\n* `class Socket`\n\nA `Socket` is also a [duplex stream](https://nodejs.org/api/stream.html#stream_class_stream_duplex), so it can be both readable and writable, and it is also a [EventEmitter](https://nodejs.org/api/events.html#events_class_eventemitter).\n\n* `Socket.setMTU(mtu: number): void`\n\nSet MTU (minimal transfer unit) for this socket, 1420 bytes maximal.\n\n* `Socket.getMTU(): number`\n\nReturn MTU (minimal transfer unit) for this socket, 1200 bytes by default.\n\n* `Socket.setTimeout(timeout: number[, callback: function()])`\n\nSets the socket to timeout after timeout milliseconds of inactivity on the socket. By default `dtls.Socket` do not have a timeout.\n\nThe optional callback parameter will be added as a one-time listener for the 'timeout' event.\n\n* `Socket.close(): void`\n\nClose socket, stop listening for socket. Do not emit `data` events anymore.\n\n* `Socket.alpnProtocol: string`\n\nGet a string that contains the selected ALPN protocol.\n\n* `Event: connect`\n\nThe 'connect' event is emitted after the handshaking process for a new connection has successfully completed.\n\n* `Event: timeout`\n\nEmitted if the socket times out from inactivity. This is only to notify that the socket has been idle.\n\n* `dtls.constants: Object`\n  - `cipherSuites: Object`\n  A full list supported cipher suites. See above for detailes.\n\n### How to debug?\n\nStart dtls server:\n\n```sh\ndocker run -it --name dtlsd --rm -e \"GNUTLS_DEBUG_LEVEL=2\" -e \"PRIORITY=NORMAL:+AEAD:+ECDHE-RSA:+VERS-DTLS1.2\" -e \"KEYFILE=key-rsa.pem\" -e \"CERTFILE=cert-rsa.pem\" -p 4444:4444/udp nodertc/dtls-server:1\n```\n\nStart default client:\n\n```sh\nnpm start\n```\n\n## License\n\nMIT, 2018 - 2019 \u0026copy; Dmitriy Tsvettsikh\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnodertc%2Fdtls","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnodertc%2Fdtls","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnodertc%2Fdtls/lists"}